|
![](/i/fill.gif) |
On Sun, 08 Sep 2013 10:24:20 -0700, Patrick Elliott wrote:
> On 9/7/2013 1:46 PM, Jim Henderson wrote:
>
>>> Ur.. I would presume "security". See, the way I see it, this measure
>>> they took wasn't to improve security at all, it was to damn up gaps in
>>> a wall, so they thieves couldn't get out, while still letting them in
>>> through the front gate.
>>
>> That's not a specific implementation, Patrick. Try again. You want to
>> say that the current system sucks, fine - but propose something better.
>> Dont' just say "security" as if that's a magic bullet. That's not
>> something specific to be implemented, it's a concept. You're smarter
>> than that.
>>
> Sigh.. You do realize that when they came up with this absurd solution
> it was back with like 98/XP, where half the security they added since
> didn't exist at all? So, sorry, but its not nonsensical to suggest
> adding things that don't bloody exist *at all* in the OS in the first
> place.
Explain how saying "security" is a *specific* solution, Patrick. Provide
some details as to what you mean - what would you /specifically/ add to
provide "security"?
> As I pointed out, a big solution would be, "don't let people run
> things without explicitly saying its OK to do so."
UAC. Already implemented. Or do you mean every time you launch an
application, you want something to pop-up to say (clippy-style, perhaps)
"I notice that you want to start Microsoft Word. Are you sure?"
> We can argue whether
> the current MS method of just asking, or the *nix version of having to
> know what the F you are doing, in order to explicitly set run
> permissions is better, and for whom, but the problem, for years, with
> windows, and still is, in some cases, that things can either install
> without asking, or circumvent safeguards, or, and this is the stupidest
> one - nearly every installer under windows triggers the, "Are you sure
> you want this thing to alter your machine?", question, which means
> people will ignore the safeguard anyway. At best.. some of them might
> question why a flash animation needs to, "change you machine
> configuration", but seriously...
Oh, you want users to actually be required to understand computers before
they use them?
Good luck with that.
>>> That would, imho, be a damn good start on it. MS didn't want to fix
>>> their core problem, so they came up with one that "broke" existing
>>> functionality, probably even for more than just that class of
>>> applications, then, 10+ years later they "finally" fixed some of the
>>> actual security.
>>
>> Technological implementation details, Patrick. Those are important.
>> Not general "just do it" type BS language. How do you tell if a
>> "small" program is a botnet or just a simple CLI utility (as is typical
>> in the *nix world) that does a specific task?
>>
> I would say, not even a CLI, if it doesn't come with the OS, should be
> allowed to do anything, unless you damn well know what it does, and
> explicitly allow it. Or, more to the point, **especially** if its
> something that small. But, heh, what the F do I know... And, its always
> better to make everything "convenient", than make it safe, unless you
> plan to make it a) convenient enough, and b) safe to the point where
> doing what you want with it will brick the machine - i.e., most Apple
> products.
Oh, so you want a completely locked down system that can only do things
that the OS vendor allows. Again, no specifics, and in that particular
case, the "abnormal" things you'd want to do would be explicitly
prohibited because they're not allowed.
You're nto making any sense here at all.
Jim
Post a reply to this message
|
![](/i/fill.gif) |